On July 28, 2025, Aeroflot—Russia’s largest state-owned airline—was brought to its knees in one of the most severe cyberattacks since the country’s invasion of Ukraine in 2022. The sophisticated assault, carried out by Ukrainian hacktivist group Silent Crow and the Belarusian Cyber-Partisans, led to the cancellation of more than 100 flights, stranded thousands of passengers across Moscow’s Sheremetyevo Airport and beyond, and triggered chaos at every level of Russia’s aviation sector.
The attackers claim they had deep-tier access to Aeroflot’s corporate systems for a full year before executing their strike, ultimately destroying over 7,000 physical and virtual servers and stealing more than 20 terabytes of sensitive data—including passenger personal identifiable information (PII), employee records, internal communications, and even recorded phone calls. Silent Crow has threatened to release portions of this data unless Russia ends its “repressive cyber-aggression.”
Beyond the immediate disruption, the attack has sent shockwaves through Russia’s tourism and aviation industries, costing Aeroflot tens of millions of dollars in damages, tanking its market value, and shaking global confidence in the security of air travel. For travelers, this serves as a stark reminder of how vulnerable aviation systems are in an era of escalating cyberwarfare. For Russia, it marks a humiliating breach of critical infrastructure during peak travel season, one that its own government has labeled “alarming.”
In this episode, we break down the scope of the Aeroflot cyberattack, the groups behind it, the geopolitical motivations fueling this new wave of digital warfare, and what it means for the future of global aviation security. We also examine the economic, reputational, and operational fallout for Aeroflot—and the broader warnings this incident sends to the entire aviation sector.
#Cyberattack #Aeroflot #SilentCrow #BelarusCyberPartisans #RussiaUkraineWar #DigitalWarfare #AviationSecurity #TourismCrisis #Cybersecurity #Hacktivism
